For the full experience: 1) Clone the repo 2) Open the docs folder in Obsidian

Fullchee's Notes
Security Inbox
Initializing search
    Fullchee/notes
    • Fullchee's Notes
    • Glossary
    • Portfolio
    • Soft skills
    • Technical
    • Web dev
    Fullchee/notes
    • Fullchee's Notes
    • Glossary
      • Creating a documentation culture
      • Forma work
      • Leading a week-long front-end bootcamp
      • Open Source Contributions
        • Asking for Help
        • First 90 days at a job
        • Postmortems
        • Estimating
        • Forget Velocity, Let's Talk Acceleration • Jessica Kerr • GOTO 2017
        • What do I do with my life?
          • 1 on 1s
          • Management
          • Why your manager manages
          • Mentorship
          • How to congratulate your team
          • How to give feedback
          • Leaving a company
          • Negotiating After Your Start Date
          • Planning for your next role
          • Negotiating
          • Tech Lead
          • Performance Reviews
        • Interviewing
        • Presenting
        • Storytelling
          • Injury Prevention
          • Running
          • Dragon boat career
        • 2021 fullchee.com redesign
        • How I use Reddit
        • Gift Giving
        • How to avoid getting conned
        • TTC
          • A brief history of humankind
          • A history of the world since 1300
          • Philosophy of death
          • My experience with Pomodoros
          • Why Foam instead of MDX
          • Why I quit Anki
          • Detachment
          • Progress
          • What to do when nothing works
          • Glossary
          • Mental History
          • My good qualities
            • ADHD Samskaras
            • ADHD Symptoms
            • Adult ADHD Treatment
            • Neuroscience of ADHD
            • Parenting child with ADHD
            • Say Thank You instead of Sorry
            • What's wrong with trying to be neurotypical
              • Boredom
              • Motivation
              • Picking projects
              • Procrastination
              • Spaceship you
              • Strengths
              • Theme
                • Burnout
                • Suffering, meaning and purpose
                • Why do I work so hard? (avoiding crashes)
            • Anxiety
              • Doormat
              • People Pleasing
            • Attachment Styles
            • Being less negative
            • Blame
            • Congruent Depression
            • Depression Samskaras
            • Identity
            • Karma and Dharma
            • Neuroscience of Depression
            • Self Esteem
            • Shame
            • Stress
            • Tired
            • What depression looks like
            • Why we have negative emotions
            • Worth
            • Developers and Depression
            • Therapy
            • Gratitude
            • Happiness
            • Healing the inner child baby elephant
            • Learned Helplessness
            • Love
            • Sleep
              • Addiction Treatment
              • Addiction
              • Sobriety vs abstinence
            • Meditation goals
            • Meditations
            • Samskaras
            • What is ego
            • Building a healthy sense of self
            • Confidence
            • Imposter Phenomenon
            • Perfectionism
            • Why it's hard to be an Asian kid
            • Metaphors for the mind
      • Stock Options
      • What does Forma Do?
        • Android Usage
        • Locked out of Macbook
        • Dates
        • Dev Philosophy
        • Build vs Runtime vs Dev Environment
        • [UUIDs explained](https://www.sohamkamani.com/uuid-versions-explained/)
        • Assertions
        • Why so many programming languages?
        • Excel
        • Image Editing
        • Latex
        • LinkedIn
        • Slack tips
        • Docs Inbox
        • Video Documentation
        • Why MKDocs Material
        • Writing Good
        • Docs as code
        • Documentation Tech Talks
        • Docs
        • Markdown and MKDocs tips
        • MKDocs Notes
        • GDB
        • Vim
        • Dotfiles
        • Find
        • Terminal commands
        • Terminal on Android
        • Terminal shortcuts
        • Bash scripts
        • Bash
        • Disk usage on the terminal
        • Mac shell notes
        • Remote machine shell
        • sed
        • Terminal files
        • Windows cmd
          • Git branching
          • Git adding
          • Git stuff that's ingrained in my head
          • Searching Git History
          • [Git Submodules](https://www.atlassian.com/git/tutorials/git-submodule)
          • Git
          • GitHub Tips and Tricks
          • Merging
          • Working with the remote repo
      • Why `msn.com` is the 38th most visited website
        • Auth0
        • JSON Web Tokens (JWTs)
        • Security Inbox
          • Cookies
          • HTTP Basic Authentication
          • [Permissions](https://fullchee-reminders.netlify.app/link/1119)
          • Encryption
          • Hashing
          • CSRF
          • XSS
        • Don't use localhost IP address
        • Heroku
        • Java
        • Linux
        • Why dotfiles?
          • AWS CLI
          • AWS CloudWatch
          • AWS S3
          • AWS Services for an app
          • Content Management Systems (CMS)
          • Feature Toggle
            • 3 Tier Architecture
            • GraphQL
            • HTTP 2
            • History of Client Server Communication
            • gRPC
            • HTTP status codes
            • tRPC
            • DataDog
            • Monitoring
          • Backend What happens when you go to Google
          • Container Overview
          • Docker
            • Database Normalization
            • Database Partitioning
            • N + 1 Problem
            • ORM
            • Column databases
            • Database Indexes
            • Scaling up database writes
            • Speed up queries
            • UUID as primary key?
              • Redis
              • Schemas for lakehouse
              • Databricks
            • Installing Postgres
            • MySQL
            • Query runs in SQLAlchemy but not PyCharm
            • SQL Security
            • SQL Unit tests
            • Django ORM vs raw SQL
              • Find duplicate value in a column
              • Hardcoded SQL
              • SQL Dates
              • SQL Sum should be zero even if group by returns no rows
              • Database Locks
              • Indexing
              • PSQL Debug Slow Queries
              • PSQL Query Optimization
              • PSQL Vacuum
                • CTE vs Materialized CTE vs temp table
                • Flexibility of DROP SET SCHEMA
                • Materialized view
              • Data Definition Language (DDL)
              • Distinct
              • Exporting SQL
              • Intersection Operator (&&)
              • SQL Filter
              • Sum and coalesce
              • SQL Arrays and JSON
              • SQL Boolean
              • SQL Ranges
              • SQL Relationships
              • SQL strings
              • SQL Window functions
              • Connecting to PSQL
              • Heroku sql
              • PSQL Shell
              • `.psqlrc`
          • Testing Node.js
          • Python Formatting
          • Python Threads
          • PyCharm
            • Debugging Python
            • Python Generators and Iterators
            • Python Imports
            • Python logging
            • Python
            • Square bracket notation
              • Python when to pin version
              • Python virtual environment tools
              • Data Structures
              • Python Dates
              • Python Lists
              • Python Typing
                • [Python decorators](https://realpython.com/primer-on-python-decorators/)
                • Python Dictionaries
                • Python Error handling
                • Custom classes/objects
                  • Python Custom Classes
                  • Python Dunder syntax
                • Regex
                • Python String Formatting
              • unittest `patch`
              • `unittest`
            • Django Admin
            • Scaling Django Where to put business logic
            • Django Auth app
            • Django HTTP
            • Django inbox
            • Django `manage.py` scripts
            • Django Signals
            • Setting up Django
              • Django Models
              • [Django Querying](https://docs.djangoproject.com/en/4.1/topics/db/queries/)
              • Django Raw SQL Queries
              • [DRF Serializers](https://www.django-rest-framework.org/api-guide/serializers/)
              • [Swagger (drf-yasg)](https://drf-yasg.readthedocs.io/en/stable/readme.html)
              • Django Factories
              • Django Testing Endpoints
              • Testing Django
                • Running Tests
                • Faster Django tests in PyCharm
            • Pandas Inbox
            • Pandas Writing
            • Plotting Pandas
            • Why Pandas
            • Machine Learning
        • Accessibility (a11y)
        • Base64
        • Images
        • Mobile
          • CORS
          • Video
          • Browser Usage Tricks
          • Parts of a browser
          • Customize how Firefox looks
          • Forms
          • Frontend What happens when you go to Google
          • SVG
          • HTML Tags
            • CSS in JS Frameworks
            • CSS stuff from JS (no frameworks)
            • Styled Components 💅🏾
            • SASS
            • Tailwind CSS
            • CSS Color
            • Which units to use
            • Css animation
            • CSS Fundamentals
            • Css images
              • Border, outline and box shadow
              • Margin
              • Box Model
              • CSS Selectors
              • Downsides of CSS variables
              • CSS Browser Tricks
              • [CSS Inheritance](https://courses.joshwcomeau.com/css-for-js/01-rendering-logic-1/01-built-ins-and-inheritance)
              • Media Queries
              • Button
              • Tooltip
              • CSS Modal
              • CSS Grid
              • Flexbox
              • Flow Layout
              • [Grid vs Flexbox](https://fullchee-reminders.netlify.app/link/797)
              • Overflow
              • Positioned Layout
              • Stacking Contexts
              • Typography Layout
          • Text Copy Writing
          • Design
          • JavaScript Leetcode
          • Why JavaScript Frameworks
          • Browser JavaScript
          • JavaScript importing
          • Single Page App
          • Spot the bug solutions
          • Spot the bug
          • [underscore.js](https://underscorejs.org/)
            • Intro to Promises
            • Multi-threaded JavaScript
            • Non-intro Promise Notes
            • JavaScript Arrays
            • JavaScript Dates
            • JavaScript Objects
            • JavaScript
            • ESLint and Prettier
            • Source Maps on Prod
            • JS Build Tools
            • [JS Monorepos](https://fullchee-reminders.netlify.app/link/1694)
            • Js package managers
            • Implementing React
            • React Accessibility (a11y)
            • Why React
            • [Error Boundaries](https://reactjs.org/docs/error-boundaries.html)
            • [JSX in Depth](https://reactjs.org/docs/jsx-in-depth.html)
            • [PropTypes](https://reactjs.org/docs/typechecking-with-proptypes.html)
            • [React Context](https://reactjs.org/docs/context.html)
            • React Performance ⚡
            • Refactoring React
              • Implementing Hooks
              • React Hooks
              • Why React Hooks
              • React Router v6
              • React Router v5
              • How React is used
              • Next JS
              • One way data flow
                • Epic React 3: Advanced React Patterns
                • [Compound components](https://kentcdodds.com/blog/compound-components-with-react-hooks)
                • React Query
              • Jest
              • React Testing Library
              • msw (mock-service-worker)
              • React Testing: Act and Assert
              • Testing Custom Hooks
              • Alternatives to Redux
              • Redux
              • TypeScript and Redux
            • [Why Storybook](https://storybook.js.org/)
            • Setting up Storybook
            • Writing your first Story
            • Using Storybook
            • Testing Stories
            • Chromatic
            • Converting codebase to TypeScript
            • TypeScript and React
              • Infer
              • Type Naming Conventions
              • TypeScript Generics
              • TypeScript versions
              • Types vs Interfaces
              • Empty TypeScript Types
              • TypeScript Objects
              • TypeScript
        • Index
        • Array
        • Binary search
        • Debounce
        • Graphs
        • Javascript leetcode
        • Leadership experience
        • Math pseudorandom
        • Template to reject a company's offer
        • Blindfolded: split a deck of cards so they have the same number of face up cards
          • Natural Sort
          • Strings
        • DRY vs SoC
        • Monolith vs SOA vs Microservices vs serverless vs edge

    Security Inbox

    TryHackMe: OWASP Juicebox

    5 developer tools for detecting and fixing security vulnerabilities

    https://web.dev/security-headers/

    SRI: Sub-resource Integrity

    <script
  src="//cdnjs....."
  integrity="sha256-..." 
  crossorigin="anonymous">

    if the CDN gets hacked, then the script won't run

    Last update: 2023-04-24
    Back to top
    Previous JSON Web Tokens (JWTs)
    Next Cookies
    Copyright © 2022 Fullchee Zhang
    Made with Material for MkDocs